Applying the ACPO guidelines to building automation systems

Document Type

Conference Proceeding


Springer Verlag


Security Research Institute




Sutherland, I., Spyridopoulos, T., Read, H., Jones, A., Sutherland, G., Burgess, M. (2015). Applying the ACPO guidelines to building automation systems. In Proceedings of the Third International Conference on Human Aspects of Information Security, Privacy, and Trust (pp. 684-692). L.A., USA. Available here.


The increasing variety of Internet enabled hardware devices is creating a world of semi-autonomous, interconnected systems capable of control, automation and monitoring of a built environment. Many building automation and control systems that have previously been limited in connectivity, or due to cost only used in commercial environments, are now seeing increased uptake in domestic environments. Such systems may lack the management controls that are in place in commercial environments. The risk to these systems is further increased when they are connected to the Internet to allow control via a web browser or smartphone application. This paper explores the application of traditional digital forensics practices by applying established good practice guidelines to the field of building automation. In particular, we examine the application of the UK Association of Chief Police Officers guidelines for Digital Evidence, identifying the challenges and the gaps that arise in processes, procedures and available tools.



Access Rights

subscription content